I created an ActionResult Access denied controller an error box is generated whenever the user does not have permission, and I have also created the UserPermission class that I will use instead of Authorize > .
My problem is that I can not use the returnUrl, it redirects to the login page, but by logging in, it returns to Home, Index .
Or if you have a way to just create the error box within Authorize itself .
The class UserPermission :
using System.Linq;
using System.Web.Mvc;
using System.Web.Routing;
namespace PortalDeRelacionamentoProject.Util
{
public class UsuarioPermissao : AuthorizeAttribute
{
protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
{
if (!filterContext.HttpContext.User.Identity.IsAuthenticated)
{
// The user is not authenticated
base.HandleUnauthorizedRequest(filterContext);
}
else if (!this.Roles.Split(',').Any(filterContext.HttpContext.User.IsInRole))
{
// The user is not in any of the listed roles =>
// show the unauthorized view
filterContext.Result = new RedirectToRouteResult(
new RouteValueDictionary(
new { Controller = "Account", action = "AcessoNegado", area = "" }));
}
else
{
base.HandleUnauthorizedRequest(filterContext);
}
}
}
}
The Account controller is ActionResult AccessNegado
public ActionResult AcessoNegado(string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
TempData["AlertaUsuario"] = new Alerta()
{
Mensagem = "Seu usuário não tem permissão para realizar essa operação, entre em contato com o suporte.",
EhFechavel = true,
Tipo = "alert-danger",
Titulo = "Erro"
};
return RedirectToAction("Login", new { ReturnUrl = returnUrl});
}